D-Link And TheGreenBow Solution

DI-824VUP
Wireless VPN Router
Application Note

Version 1.00
(2009-4-24)

D-Link International 1
Confidential and proprietary
 Revision History
Date Rev. Description Editor
Interoperability Compliance Testing Negotiate mode for
2009-4-24 1.0 Phase1 and Phase2 using TheGreenBow VPN Client and D- John Yoong
Link product’s Wireless VPN router DI-824VUP.

1. Introduction
The objective of this document is to provide a guide describing how to configure the
devices to achieve the same environment as show at the network topology.

Users of this document are expected to already possess basic knowledge of D-Link
devices and TheGreenBow VPN program, and are familiar with how to perform basic
configurations. Only important configurations, such as those pertaining to interfacing and
integrating, will be described in this document.

For purpose of reference, configuration files for each device are available for download.

2. Audience
This document is intended for project engineers or end users that need to implement
VPN router DI series and TheGreenBow software at the sites.

3. Objective
This topology consist the scenarios that integrates using TheGreenBow VPN program
and D-Link Wireless VPN router DI-824VUP+ and demonstrate integrations and network
solutions to OBUs, and in addition, to Partners and Customers from D-Link International.

4. List of Equipment and Software

The table below shows the devices information.

Device No. Device Name Device Model Firmware

1 TheGreenBow VPN Client Software - 4.6x

2 Wireless VPN Router DI-824VUP+ 1.06b21

D-Link International 2
Confidential and proprietary
5. Network Diagram

Note: DI-824VUP+ Router is set to allow IPSec pass through.

It is important to note that this application note is also applicable to the following VPN
routers:
• DI-804HV
• DI-808HV
• DI-824VUP
• DI-824VUP+

6. Configurations
In this document, we will only describe the main configurations for this Scenario. The
configurations setting for all the D-Link products will not be described here and for more
detail about the product you can download their user guide.

6.1 TheGreenBow VPN client and D-Link wireless VPN router solutions
(DI-824VUP+)

In this scenario the user can connect back to the Branch office cameras by using
TheGreenBow VPN client tunneling to DI-824VUP+.

All configurations are based on Wireless VPN Router DI-824VUP+ (F/W: 1.06b21) and
TheGreenBow VPN Client software (F/W: 4.60.0.0)

The steps in this configuration are:

• Setup DI-824VUP+ for VPN tunneling
• Setup Dynamic VPN

• Setup TheGreenBow VPN client

D-Link International 3
Confidential and proprietary
 • Setup Phase 1
• Setup Phase 2

6.1.1) Setup DI-824VUP+ for VPN tunneling

6.1.1.1) Setup Dynamic VPN

1) Click on the “VPN” and select the “Dynamic VPN”, please ensure
all other VPN setting is clear or disable.

D-Link International 4
Confidential and proprietary
2) Fill in the details as show below and for the “Preshare key” must
be the same as the preshare key set in Thegreenbow VPN Client
software. Next click on “IKE Proposal”

3) Fill in the setting and select the “Encrypt” and “Auth” algorithm
and lastly, add the profile to the setting to active it.

D-Link International 5
Confidential and proprietary
4) Lastly is to set the “IPSec Proposal”, add the profile to active it.

D-Link International 6
Confidential and proprietary
6.1.2) Setup TheGreenBow VPN Client software

6.1.2.1) Setup Phase 1

1) Right click on the “Root” to add a new “Phase1”, next fill in the IP
address for this VPN Client and Remote gateway IP follow by
Preshared Key and IKE setting.

D-Link International 7
Confidential and proprietary
 Note: the Preshared Key and IKE must be the same setting set in the Wireless
VPN router DI-824VUP+.

6.1.2.2) Setup Phase 2

1) Right click on the “Phase1” to add a new “Phase2”, next fill in the
VPN Client address for this VPN Client and Remote gateway IP
follow by ESP setting.

D-Link International 8
Confidential and proprietary
 Note: the ESP Encryption and Authentication setting must be the same in the
Wireless VPN router DI-824VUP+ IKE and IPSec setting.

7. Interoperability Compliance Testing

7.1) General Test Approach

D-Link International 9
Confidential and proprietary
a. Open the VPN tunnel using different Negotiate Mode in Phase 1 and
Phase 2:

Series Negotiate Mode

Phase 1 Phase 2
AES-SHA AES-SHA
AES-MD5 AES-SHA
3DES-MD5 AES-SHA
3DES-SHA AES-SHA
DES-MD5 AES-SHA
DES-SHA AES-SHA
AES-SHA AES-MD5
AES-MD5 AES-MD5
3DES-MD5 AES-MD5
3DES-SHA AES-MD5
DES-MD5 AES-MD5
DES-SHA AES-MD5
AES-SHA 3DES-SHA
AES-MD5 3DES-SHA
3DES-MD5 3DES-SHA
3DES-SHA 3DES-SHA
DES-MD5 3DES-SHA
DES-SHA 3DES-SHA
AES-SHA 3DES-MD5
AES-MD5 3DES-MD5
3DES-MD5 3DES-MD5
3DES-SHA 3DES-MD5
DES-MD5 3DES-MD5
DES-SHA 3DES-MD5
AES-SHA DES-SHA
AES-MD5 DES-SHA
3DES-MD5 DES-SHA
3DES-SHA DES-SHA
DES-MD5 DES-SHA
DES-SHA DES-SHA
AES-SHA DES-MD5
AES-MD5 DES-MD5
3DES-MD5 DES-MD5
D-Link International 10
Confidential and proprietary
 Series Negotiate Mode
Phase 1 Phase 2
3DES-SHA DES-MD5
DES-MD5 DES-MD5
DES-SHA DES-MD5

7.2) Test Result

a. The VPN tunnel will be open at any negotiate mode set in Phase 1
and Phase 2.

TheGreenBow VPN Software

D-Link International 11
Confidential and proprietary
b. The Wireless VPN Router DI-824VUP+ will show the tunnel is up
at their VPN status.

DI-824VUP+ VPN status

c. VPN Client is able to Ping to the remote network.

D-Link International 12
Confidential and proprietary
8. Conclusion
The Application Notes demonstrate how D-Link VPN products and TheGreenBow
software combined perfectly address the requirements of the small and medium
businesses worldwide. The joint VPN solution offer advantages around multiple access
control and authorization mechanisms for users and tunneling capabilities to access the
entire corporate network; it can also provide different access rights to different users.

D-Link International 13
Confidential and proprietary
D-Link Inc. All Rights Reserved
D-Link is the worldwide leader and an award-winning designer, developer, and manufacturer
of Wi-Fi and Ethernet networking, broadband, multimedia, voice and data communications
and digital electronics solutions.

D-Link International 14
Confidential and proprietary